--On Tuesday, January 15, 2013 1:32 PM -0800 Ori Bani <oribani@gmail.com> wrote:
> Hi,
>
> If compiling and installing from source, I don't see any information in the manual about how to auto-start the software and about process/file/directory permissions and ownership. I'm still searching the Faq-O-Matic (which is a little frustrating).

Read the slapd man page for the options required to start slapd:
As for "auto-starting", that is generally OS specific. Your OS vendor should be able to provide you with documentation on how to write scripts to auto start software on your given platform of choice. That does not seem to be within the scope of OpenLDAP.
> Taking a step back, I'd love to install from yum on RHEL/CentOS and let it be taken care of in a trusted manner. But we require better password hashing than SHA1, so we are required to compile by hand using the passwd/sha2 contributed module (little surprised this isn't accepted into the core project, but I'm sure there are reasons). Maybe I can find this in a third-party repo somewhere?

Not sure what you mean. The SHA2 contrib module is shipped with every OpenLDAP release. Thus, as best I can tell, it is indeed included. It is up to the end administrator to determine what features they do or do not wish to include in their build. If you are using an OS provided build, and they are missing things you think are desirable, then that is a conversation to have with your OS vendor.
If you are using RHEL or CentOS, you may be interested in http://ltb-project.org/wiki/download#openldap
> After installation, what is commonly done in this regard? Create user/group "ldap" with no login shell and chown ldap:ldap on /usr/local/var/openldap-data? Is that all?

It depends on your needs. I have done anything from running slapd as root, to running it as a specific user.
> Then what do people use for auto-starting the software (presumably with -u ldap -g ldap) in a RedHat environment?

I wrote my own startup script that works with chkconfig. http://linuxcommand.org/man_pages/chkconfig8.html
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
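
The setup discussed in this thread (a dedicated ldap account with no login shell, chown on the data directory, slapd started with -u ldap -g ldap from a chkconfig-managed script), as an added example that is not the startup script mentioned above or part of the original messages. Paths assume a default /usr/local source build; the pid file location, listener URL, runlevels and the rule against group- or world-writable data directories are assumptions.

```shell
#!/bin/sh
# chkconfig: 345 27 73
# description: OpenLDAP slapd from a source build, run as an unprivileged account
#
# Added example, not from the thread. One-time setup as root:
#   groupadd -r ldap && useradd -r -g ldap -s /sbin/nologin ldap
#   chown -R ldap:ldap /usr/local/var/openldap-data
# Paths assume the default /usr/local prefix; adjust them to your build.
SLAPD=/usr/local/libexec/slapd
DATADIR=/usr/local/var/openldap-data
PIDFILE=/usr/local/var/run/slapd.pid   # assumption: must match "pidfile" in your config
RUN_USER=ldap
RUN_GROUP=ldap
URLS="ldap:///"                        # assumption: plain LDAP listener only

# Succeed only if DIR exists, is owned by USER:GROUP, and is not
# writable by group or others.
check_datadir() {
    dir=$1 user=$2 group=$3
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; return 1; }
    owner=$(stat -c '%U:%G' "$dir")
    mode=$(stat -c '%a' "$dir")
    if [ "$owner" != "$user:$group" ]; then
        echo "$dir is owned by $owner, expected $user:$group" >&2
        return 1
    fi
    case "$mode" in
        *[2367]|*[2367]?)
            echo "$dir has mode $mode (group- or world-writable)" >&2
            return 1 ;;
    esac
    return 0
}

case "${1:-}" in
    start)
        # Refuse to start on a mis-owned database directory. slapd is
        # launched by root here and switches to -u/-g itself.
        check_datadir "$DATADIR" "$RUN_USER" "$RUN_GROUP" || exit 1
        "$SLAPD" -u "$RUN_USER" -g "$RUN_GROUP" -h "$URLS" ;;
    stop)
        [ -f "$PIDFILE" ] && kill -INT "$(cat "$PIDFILE")" ;;
    status)
        [ -f "$PIDFILE" ] && kill -0 "$(cat "$PIDFILE")" ;;
    "") : ;;   # no argument: define the functions only
    *)  echo "usage: $0 {start|stop|status}" >&2 ;;
esac
```

Installed as /etc/init.d/slapd and made executable, the script is registered with `chkconfig --add slapd`.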